Any way in the merlin router to redirect port 80 to 443 ?

[vw-kombi]

Hi,
I have nginx running on a server on my lan.
My router currently forwards ONLY port 443 to the nginx server which does its reverse proxy thing to the back end services.
I use remote subdomains for access and my own domain.
Remotely, you have to therefore do https://subdomain.example.com to get access, if you leave off the https, you cant connect.
As a test, in nginx I have added a reroute on port 80 to change to ssl :

server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}

And now if I open port 80 and redirect it to the nginx server, remote users can just key in subdomain.example.com and they get in fine.

Questions :
Is it a good idea to allow port 80 like this ? Is it safe ?
Is there a way in the router instead to do this redirect so i dont have the packets heading inside my lan ?
I have skynet, absolution installed if that helps.

Thanks.

 

[JDB]

What you have set up is secure and simple IMO.

Insecure packets can enter your LAN but they only thing they can execute this this;

server {
listen 80;
    server_name _;
    return 301 [URL]https://$host$request_uri;[/URL]
}

So no worries.

The only other option would be to run a webserver like lighttpd on the router that listens on the WAN:80 (available via entware) and have it do the exact same redirect.




Sent from my iPhone using Tapatalk

 

[vw-kombi]

Thanks JDB for the vote of confidence there. I only have 42MG ram left on the router showing so it may be a bit much to add the web server on there also - but glad to know that is an option to remove them from the lan altogether.

 

[agilani]

setup a port forwarding rule for incoming port 80 to hit your web sever ip on 443. pretty straight forward. You may have issues though for people hitting it expecting http and getting https instead.

You'd be better using custom ports instead.